Skip to main content

Roles Required to Link Policies to Controls in Drata

Learn how roles like Control Manager, Policy Manager, and Admin determine access and permissions in Drata for linking policies to controls and performing administrative tasks.

Updated over 2 weeks ago

Overview

Managing roles and permissions in Drata ensures users can perform compliance and administrative tasks securely and efficiently. This article outlines the specific roles and permissions needed to link policies to controls and perform key administrative functions.

Control Manager

Users with the Control Manager role can link existing policies to controls directly from the control drawer in the Controls page.

Note: This role does not provide access to the Policy Center page. If broader access is needed, assign the Policy Manager role in addition.

Policy Manager

Users with the Policy Manager role can:

  • Access the Policy Center page

  • Link policies to controls directly from policies or via the control drawer

Admin

Users with the Admin role can:

  • Perform administrative tasks across Drata

  • Assign or modify roles, including granting Control Manager or Policy Manager roles

If a user cannot perform a specific action, they likely need additional permissions or a role update from an Admin.

Use Cases / Best Practices

Linking Policies to Controls

While linking policies to controls helps streamline compliance, not all policies are directly tied to a specific control. Consider the following:

  • Many policies support multiple controls

  • Policies are often associated with monitoring tests rather than having a 1:1 control relationship

  • Naming similarities between monitoring tests and controls can indicate linkage

Did this answer your question?